Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19595
HistoryMay 12, 2010 - 12:00 a.m.

Tex Live bbdospecial()函数整数溢出漏洞

2010-05-1200:00:00
Root
www.seebug.org
12

0.043 Low

EPSS

Percentile

91.3%

JSON

BUGTRAQ ID: 39966
CVE(CAN) ID: CVE-2010-1440

TeX Live是用于创建TeX排版系统的工具。

TeX Live的dospecial.c文件中的bbdospecial()函数中存在最终可导致堆溢出的整数溢出漏洞。用户受骗打开了畸形的.dvi文件就可以触发这个溢出,导致执行任意代码。

TeX Live 2009
TeX Live 2008
TeX Live 2007
厂商补丁:

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2010:0401-01)以及相应补丁:
RHSA-2010:0401-01:Moderate: tetex security update
链接:https://www.redhat.com/support/errata/RHSA-2010-0401.html

Ubuntu

Ubuntu已经为此发布了一个安全公告(USN-937-1)以及相应补丁:
USN-937-1:texlive-bin vulnerabilities
链接:http://www.ubuntu.com/usn/USN-937-1

TeX Live

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.tug.org/svn/texlive?view=revision&revision=18095

Related

veracode 1
nessus 23
prion 1
debiancve 1
cve 1
ubuntucve 1
fedora 3
openvas 29
ubuntu 1
securityvulns 2
gentoo 1
redhat 3
centos 3
oraclelinux 3
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:44:56
nessus
nessus
Fedora 11 : texlive-2007-47.fc11 (2010-8273)
2010-07-01 00:00:00
Fedora 13 : texlive-2007-51.fc13 (2010-8314)
2010-07-01 00:00:00
Fedora 12 : texlive-2007-48.fc12 (2010-8242)
2010-07-01 00:00:00
prion
prion
Integer overflow
2010-05-07 18:24:00
debiancve
debiancve
CVE-2010-1440
2010-05-07 18:24:00
cve
cve
CVE-2010-1440
2010-05-07 18:24:00
ubuntucve
ubuntucve
CVE-2010-1440
2010-05-03 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: texlive-2007-48.fc12
2010-05-18 21:49:45
[SECURITY] Fedora 13 Update: texlive-2007-51.fc13
2010-05-18 21:44:16
[SECURITY] Fedora 11 Update: texlive-2007-47.fc11
2010-05-18 21:51:53
openvas
openvas
Fedora Update for texlive FEDORA-2010-8242
2010-05-28 00:00:00
Fedora Update for texlive FEDORA-2010-8242
2010-05-28 00:00:00
Ubuntu Update for texlive-bin vulnerabilities USN-937-1
2010-05-07 00:00:00
ubuntu
ubuntu
TeX Live vulnerabilities
2010-05-06 00:00:00
securityvulns
securityvulns
dvipng / TeX Live memory corruption
2010-05-11 00:00:00
[USN-937-1] TeX Live vulnerabilities
2010-05-11 00:00:00
gentoo
gentoo
TeX Live: Multiple vulnerabilities
2012-06-25 00:00:00
redhat
redhat
(RHSA-2010:0401) Moderate: tetex security update
2010-05-06 00:00:00
(RHSA-2010:0400) Moderate: tetex security update
2010-05-06 00:00:00
(RHSA-2010:0399) Moderate: tetex security update
2010-05-06 00:00:00
centos
centos
tetex security update
2010-05-07 22:13:10
tetex security update
2010-05-07 22:21:31
tetex security update
2010-05-28 10:47:02
oraclelinux
oraclelinux
tetex security update
2010-05-06 00:00:00
tetex security update
2010-05-06 00:00:00
tetex security update
2010-05-06 00:00:00

0.043 Low

EPSS

Percentile

91.3%

JSON
Related for SSV:19595
veracode1nessus23prion1debiancve1cve1ubuntucve1fedora3openvas29ubuntu1securityvulns2gentoo1redhat3centos3oraclelinux3